IBM Tivoli Directory Server Null Pointer Dereference Lets Remote Users Crash the Server
|
|
SecurityTracker Alert ID: 1023433 |
|
SecurityTracker URL: http://securitytracker.com/id/1023433
|
|
CVE Reference:
CVE-2010-0312
(Links to External Site)
|
Updated: Jan 18 2010
|
Original Entry Date: Jan 12 2010
|
Impact:
Denial of service via network
|
Exploit Included: Yes
|
Version(s): 6.2
|
Description:
A vulnerability was reported in IBM Tivoli Directory Server. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to cause the target ibmslapd service to crash.
Evgeny Legerov of Intevydis reported this vulnerability.
The original advisory is available at:
http://intevydis.blogspot.com/2010/01/tivoli-directory-server-62-doextendedop.html
|
Impact:
A remote user can cause the target service to crash.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.ibm.com/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (2000)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 12 Jan 2010 19:20:26 +0000
Subject: Tivoli Directory Server 6.2 do_extendedOp DoS
|
http://intevydis.blogspot.com/2010/01/tivoli-directory-server-62-doextendedop.html
|
|
